RFE: chpasswd in cloud-init should support hashed passwords

Bug #1570325 reported by Tore
Affects                  Status        Importance  Assigned to  Milestone
cloud-init               Fix Released  Medium      Unassigned
cloud-init (Ubuntu)      Fix Released  Medium      Unassigned
  Xenial                 Fix Released  Medium      Unassigned
  Yakkety                Fix Released  Medium      Unassigned

Bug Description

=== Begin SRU Template ===
[Impact]
The only way to assign a hashed password to a user is to use passwd within a
users entry like this:
 users:
   - name: root
     passwd: $6$Cl....Hy$IEJciQZLxQLzkST......g.bzqf3lUl.

But, if that user is already present on the system, cloud-init would skip
setting the password. The change was to add support for providing
encrypted passwords to 'chpasswd' as:

 chpasswd:
   list: |
     user:$5$eriogqzq$Dg7PxHsKGzziuEGkZgkLvacjuEFeljJ.rLf.hZqKQLA

[Test Case]
There is an integration test in cloud-init that runs through this code.
To run it:

$ git clone https://git.launchpad.net/cloud-init
$ cd cloud-init

# download the appropriate deb for cloud-init from -proposed
$ rel=xenial
$ pver=$(rmadison --url=ubuntu --suite=$rel-proposed cloud-init | awk '{print $3}')
$ fname="cloud-init_${pver}_all.deb"
$ wget "http://archive.ubuntu.com/ubuntu/pool/main/c/cloud-init/$fname"
$ ln -sf $fname cloud-init_all.$rel.deb
$ tox -e citest -- run -v -n $rel --deb=cloud-init_all.$rel.deb \
   -t tests/cloud_tests/testcases/modules/set_password_list_string.py \
   -t tests/cloud_tests/testcases/modules/set_password_list.py
That will install the new cloud-init into a container and run it
with user data that exercises this new feature.

[Regression Potential]
Some user passwords provided via chpasswd and starting with '$'
may be interpreted as hashed passwords.
Specifically, those matching: r'\$[1,2a,2y,5,6](\$.+){2}'

In english, that regex is:
  - starts with a '$'
  - followed by '1', '2a', '2y', '5', '6'
  - followed by a $
  - followed by 1 or more characters
  - followed by another $
  - followed by 1 or more characters

So a total of 3 '$' and starting with one of those specific 3 or 4
character strings. That could definitely happen, but it is low odds, and also fairly low risk. If a user hits this, they'd be unable to reach a new instance.

[Other Info]
Upstream commit:
 https://git.launchpad.net/cloud-init/commit/?id=21632972df034

=== End SRU Template ===

The only way to assign a hashed password to a user is to use passwd within a users entry like this:
users:
  - name: root
    passwd: $6$Cl....Hy$IEJciQZLxQLzkST......g.bzqf3lUl.

But, if that user is already present on the system, cloud-init will skip setting the password:
journal: [CLOUDINIT] __init__.py[INFO]: User root already exists, skipping.

You can change password with chpasswd, but that only supports clear-text password.

Requesting that chpasswd get support for setting a hashed password to users.
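The following is an added example for this bug page, not code from cloud-init or from anyone on this report. It reproduces the classification rule described under [Regression Potential]: a chpasswd list entry whose password part matches the quoted pattern is treated as an already-hashed password, anything else as clear text. Two things to notice that the prose description above does not spell out: the bracket expression `[1,2a,2y,5,6]` in the quoted regex is a character class, so it matches any single one of the characters 1 , 2 a y 5 6 rather than the two-character prefixes 2a and 2y, which means a bcrypt-style `$2a$...` or `$2y$...` string does not match it, while a clear-text password such as `$,$money$bags` does. The second pattern, `HASHED_RE_ALTERNATION`, is an assumed rewrite with an alternation group that makes the English description literal; it is shown for comparison only and is not claimed to be what cloud-init ships. The sample entries are constructed and the hash-shaped strings are not hashes of any real password.

```python
"""Classify chpasswd 'list' entries as hashed or clear-text passwords.

Added example for LP: #1570325; not cloud-init's own code.
"""
import re

# Exactly as quoted in the [Regression Potential] section of the bug.
# NOTE: [1,2a,2y,5,6] is a character class matching ONE of the characters
# '1' ',' '2' 'a' 'y' '5' '6'. It does not match the prefixes "2a"/"2y".
HASHED_RE_AS_QUOTED = re.compile(r'\$[1,2a,2y,5,6](\$.+){2}')

# Assumed rewrite (not from the page): an alternation group matches what the
# prose says - '$', then one of 1, 2a, 2y, 5, 6, then two more '$'-led fields.
HASHED_RE_ALTERNATION = re.compile(r'\$(1|2a|2y|5|6)(\$.+){2}')


def looks_hashed(password, pattern=HASHED_RE_AS_QUOTED):
    """Return True if 'password' would be treated as a crypt(3)-style hash."""
    return pattern.match(password) is not None


def split_chpasswd_list(entries, pattern=HASHED_RE_AS_QUOTED):
    """Split 'user:password' lines into (hashed, plaintext) lists of tuples.

    The split is on the first ':' only: crypt hashes never contain ':',
    but a chosen clear-text password may.
    """
    hashed, plain = [], []
    for line in entries:
        user, password = line.split(':', 1)
        if looks_hashed(password, pattern):
            hashed.append((user, password))
        else:
            plain.append((user, password))
    return hashed, plain


def hashed_users(entries, pattern=HASHED_RE_AS_QUOTED):
    """Names of the users whose entry is classified as hashed."""
    return [user for user, _ in split_chpasswd_list(entries, pattern)[0]]


def plaintext_users(entries, pattern=HASHED_RE_AS_QUOTED):
    """Names of the users whose entry is classified as clear text."""
    return [user for user, _ in split_chpasswd_list(entries, pattern)[1]]


# Constructed sample entries. Hash-shaped values only imitate crypt output.
SAMPLE_LIST = [
    "alice:$6$rounds=4096$abcdefgh$NotARealSha512CryptDigestButShapedLikeOne",
    "bob:$5$eriogqzq$Dg7PxHsKGzziuEGkZgkLvacjuEFeljJ.rLf.hZqKQLA",
    "carol:$1$ab$cd",                       # shortest string the pattern accepts
    "dave:$2a$10$abcdefghijklmnopqrstuu",   # bcrypt-style prefix
    "erin:$2y$10$abcdefghijklmnopqrstuu",   # bcrypt-style prefix
    "frank:plain-text-password",
    "grace:$,$money$bags",                  # clear text, trips the character class
    "heidi:RANDOM",                         # cloud-init keyword for a random password
]


if __name__ == "__main__":
    for name, pattern in (("as quoted", HASHED_RE_AS_QUOTED),
                          ("alternation", HASHED_RE_ALTERNATION)):
        print("pattern %-11s hashed=%s" % (name, hashed_users(SAMPLE_LIST, pattern)))
        print("pattern %-11s plain =%s" % (name, plaintext_users(SAMPLE_LIST, pattern)))
```

With the quoted pattern, `dave` and `erin` land in the clear-text bucket and `grace` in the hashed bucket; with the alternation pattern the buckets match the English description. To produce a hash for the `chpasswd: list:` form, `mkpasswd -m sha-512` (from the whois package) or `openssl passwd -6` both emit a `$6$...` string that the pattern accepts.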

Tore (tlonoy)
summary: - RFE: chpasswd in cloud-init should
+ RFE: chpasswd in cloud-init should support hashed passwords
Scott Moser (smoser)
Changed in cloud-init:
status: New → Confirmed
importance: Undecided → Medium
Scott Moser (smoser)
Changed in cloud-init (Ubuntu):
status: New → Fix Released
importance: Undecided → Medium
Changed in cloud-init (Ubuntu Xenial):
status: New → Confirmed
Changed in cloud-init (Ubuntu Yakkety):
status: New → Confirmed
Changed in cloud-init (Ubuntu Xenial):
importance: Undecided → Medium
Changed in cloud-init (Ubuntu Yakkety):
importance: Undecided → Medium
Scott Moser (smoser)
description: updated
description: updated
Scott Moser (smoser)
description: updated
Revision history for this message
Brian Murray (brian-murray) wrote : Please test proposed package

Hello Tore, or anyone else affected,

Accepted cloud-init into yakkety-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cloud-init/0.7.9-90-g61eb03fe-0ubuntu1~16.10.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in cloud-init (Ubuntu Yakkety):
status: Confirmed → Fix Committed
tags: added: verification-needed
Brian Murray (brian-murray) wrote :

Hello Tore, or anyone else affected,

Accepted cloud-init into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cloud-init/0.7.9-90-g61eb03fe-0ubuntu1~16.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in cloud-init (Ubuntu Xenial):
status: Confirmed → Fix Committed
Andreas Hasenack (ahasenack) wrote :

Tests passed for xenial according to the instructions (see attached output).

Andreas Hasenack (ahasenack) wrote :

Tests passed for yakkety according to the instructions (see attached output).

Andreas Hasenack (ahasenack) wrote :

Also launched a yakkety lxd with the attached user-data file, and it correctly changed the user's password to the provided hash.

lxc launch b03fe-yakkety-proposed y1-proposed "--config=user.user-data=$(cat cloud-init.yaml)"

Andreas Hasenack (ahasenack) wrote :

Also launched a xenial lxd container with the same user-data file as in the previous comment and it correctly changed the "tom" user's password to the provided hash.

lxc launch b03fe-xenial-proposed x1-proposed "--config=user.user-data=$(cat cloud-init.yaml)"

tags: added: verification-done-xenial verification-done-yakkety
removed: verification-needed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 0.7.9-90-g61eb03fe-0ubuntu1~16.10.1

---------------
cloud-init (0.7.9-90-g61eb03fe-0ubuntu1~16.10.1) yakkety; urgency=medium

  * debian/cloud-init.templates: add Bigstep to list of sources. (LP: #1676460)
  * New upstream snapshot.
    - OpenStack: add 'dvs' to the list of physical link types. (LP: #1674946)
    - Fix bug that resulted in an attempt to rename bonds or vlans.
      (LP: #1669860)
    - tests: update OpenNebula and Digital Ocean to not rely on host
      interfaces.
    - net: in netplan renderer delete known image-builtin content.
      (LP: #1675576)
    - doc: correct grammar in capabilities.rst [David Tagatac]
    - ds-identify: fix detecting of maas datasource. (LP: #1677710)
    - netplan: remove debugging prints, add debug logging [Ryan Harper]
    - ds-identify: do not write None twice to datasource_list.
    - support resizing partition and rootfs on system booted without
      initramfs. [Steve Langasek] (LP: #1677376)
    - apt_configure: run only when needed. (LP: #1675185)
    - OpenStack: identify OpenStack by product 'OpenStack Compute'.
      (LP: #1675349)
    - GCE: Search GCE in ds-identify, consider serial number in check.
      (LP: #1674861)
    - Add support for setting hashed passwords [Tore S. Lonoy] (LP: #1570325)
    - Fix filesystem creation when using "partition: auto"
      [Jonathan Ballet] (LP: #1634678)
    - ConfigDrive: support reading config drive data from /config-drive.
      (LP: #1673411)
    - ds-identify: fix detection of Bigstep datasource. (LP: #1674766)
    - test: add running of pylint [Joshua Powers]
    - ds-identify: fix bug where filename expansion was left on.
    - advertise network config v2 support (NETWORK_CONFIG_V2) in features.
    - Bigstep: fix bug when executing in python3. [root]
    - Fix unit test when running in a system deployed with cloud-init.
    - Bounce network interface for Azure when using the built-in path.
      [Brent Baude] (LP: #1674685)
    - cloudinit.net: add network config v2 parsing and rendering [Ryan Harper]
    - net: Fix incorrect call to isfile [Joshua Powers] (LP: #1674317)
    - net: add renderers for automatically selecting the renderer.
    - doc: fix config drive doc with regard to unpartitioned disks.
      (LP: #1673818)
    - test: Adding integration test for password as list [Joshua Powers]
    - render_network_state: switch arguments around, do not require target
    - support 'loopback' as a device type.
    - Integration Testing: improve testcase subclassing [Wesley Wiedenmeier]
    - gitignore: adding doc/rtd_html [Joshua Powers]
    - doc: add instructions for running integration tests via tox.
      [Joshua Powers]
    - test: avoid differences in 'date' output due to daylight savings.
    - Fix chef config module in omnibus install. [Jeremy Melvin] (LP: #1583837)
    - Add feature flags to cloudinit.version. [Wesley Wiedenmeier]
    - tox: add a citest environment
    - Support chpasswd/list being a list in addition to a string.
      [Sergio Lystopad] (LP: #1665694)
    - doc: Fix configuration example for cc_set_passwords module.
      [Sergio Lystopad] (LP: #1665773)
    - ...


Changed in cloud-init (Ubuntu Yakkety):
status: Fix Committed → Fix Released
Steve Langasek (vorlon) wrote : Update Released

The verification of the Stable Release Update for cloud-init has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 0.7.9-90-g61eb03fe-0ubuntu1~16.04.1

---------------
cloud-init (0.7.9-90-g61eb03fe-0ubuntu1~16.04.1) xenial-proposed; urgency=medium

  * debian/cloud-init.templates: add Bigstep to list of sources. (LP: #1676460)
  * New upstream snapshot.
    - OpenStack: add 'dvs' to the list of physical link types. (LP: #1674946)
    - Fix bug that resulted in an attempt to rename bonds or vlans.
      (LP: #1669860)
    - tests: update OpenNebula and Digital Ocean to not rely on host
      interfaces.
    - net: in netplan renderer delete known image-builtin content.
      (LP: #1675576)
    - doc: correct grammar in capabilities.rst [David Tagatac]
    - ds-identify: fix detecting of maas datasource. (LP: #1677710)
    - netplan: remove debugging prints, add debug logging [Ryan Harper]
    - ds-identify: do not write None twice to datasource_list.
    - support resizing partition and rootfs on system booted without
      initramfs. [Steve Langasek] (LP: #1677376)
    - apt_configure: run only when needed. (LP: #1675185)
    - OpenStack: identify OpenStack by product 'OpenStack Compute'.
      (LP: #1675349)
    - GCE: Search GCE in ds-identify, consider serial number in check.
      (LP: #1674861)
    - Add support for setting hashed passwords [Tore S. Lonoy] (LP: #1570325)
    - Fix filesystem creation when using "partition: auto"
      [Jonathan Ballet] (LP: #1634678)
    - ConfigDrive: support reading config drive data from /config-drive.
      (LP: #1673411)
    - ds-identify: fix detection of Bigstep datasource. (LP: #1674766)
    - test: add running of pylint [Joshua Powers]
    - ds-identify: fix bug where filename expansion was left on.
    - advertise network config v2 support (NETWORK_CONFIG_V2) in features.
    - Bigstep: fix bug when executing in python3. [root]
    - Fix unit test when running in a system deployed with cloud-init.
    - Bounce network interface for Azure when using the built-in path.
      [Brent Baude] (LP: #1674685)
    - cloudinit.net: add network config v2 parsing and rendering [Ryan Harper]
    - net: Fix incorrect call to isfile [Joshua Powers] (LP: #1674317)
    - net: add renderers for automatically selecting the renderer.
    - doc: fix config drive doc with regard to unpartitioned disks.
      (LP: #1673818)
    - test: Adding integration test for password as list [Joshua Powers]
    - render_network_state: switch arguments around, do not require target
    - support 'loopback' as a device type.
    - Integration Testing: improve testcase subclassing [Wesley Wiedenmeier]
    - gitignore: adding doc/rtd_html [Joshua Powers]
    - doc: add instructions for running integration tests via tox.
      [Joshua Powers]
    - test: avoid differences in 'date' output due to daylight savings.
    - Fix chef config module in omnibus install. [Jeremy Melvin] (LP: #1583837)
    - Add feature flags to cloudinit.version. [Wesley Wiedenmeier]
    - tox: add a citest environment
    - Support chpasswd/list being a list in addition to a string.
      [Sergio Lystopad] (LP: #1665694)
    - doc: Fix configuration example for cc_set_passwords module.
      [Sergio Lystopad] (LP: #1665773...


Changed in cloud-init (Ubuntu Xenial):
status: Fix Committed → Fix Released
Scott Moser (smoser)
Changed in cloud-init:
status: Confirmed → Fix Committed
Scott Moser (smoser) wrote : Fixed in Cloud-init 17.1

This bug is believed to be fixed in cloud-init in 17.1. If this is still a problem for you, please make a comment and set the state back to New

Thank you.

Changed in cloud-init:
status: Fix Committed → Fix Released